UTSA team wants companies and governments to adopt a scientific framework to measure cyber agility.
(June 7, 2019) –- For more than a year, GozNym, a gang of five Russian cyber criminals, stole login credentials and emptied bank accounts from unaware Americans. To detect and quickly respond to escalating cyber-attacks like these, researchers at The University of Texas at San Antonio (UTSA) have developed the first framework to score the agility of cyber attackers and defenders. The cyber agility project was funded by the Army Research Office.
“Cyber agility isn’t just about patching a security hole, it’s about understanding what happens over time. Sometimes when you protect one vulnerability, you expose yourself to 10 others,” said computer science alumnus Jose Mireles ’17, who now works for the U.S. Department of Defense and co-developed this first known framework as part of his UTSA master’s thesis. “In car crashes, we understand how to test for safety using the rules of physics. It is much harder to quantify cybersecurity because scientists have yet to figure out what are the rules of cybersecurity. Having formal metrics and measurement to understand the attacks that occur will benefit a wide range of cyber professionals.”
To develop a quantifiable framework, Mireles collaborated with fellow UTSA student Eric Ficke, researchers at Virginia Tech, U.S. Air Force Research Laboratory, and the U.S. Army Combat Capabilities Development Command Army Research Laboratory (CCDC ARL). The project was conducted under the supervision of UTSA Professor Shouhuai Xu, who serves as the director of the UTSA Laboratory for Cybersecurity Dynamics.
Together, they used a honeypot—a computer system that lures real cyber-attacks—to attract and analyze malicious traffic according to time and effectiveness. As both the attackers and the defenders created new techniques, the researchers were able to better understand how a series of engagements transformed into an adaptive, responsive and agile pattern or what they called an evolution generation.
The framework proposed by the researchers will help government and industry organizations visualize how well they out-maneuver attacks. This groundbreaking work will be published in an upcoming issue of IEEE Transactions on Information Forensics and Security, a top cybersecurity journal.
“The cyber agility framework is the first of its kind and allows cyber defenders to test out numerous and varied responses to an attack,” said Xu. “This is an outstanding piece of work as it will shape the investigation and practice of cyber agility for the many years to come.”
"The DoD and US Army recognize that the Cyber domain is as important a battlefront as Ground, Air and Sea," said Purush Iyer, Ph.D. division chief, network sciences at Army Research Office, an element of CCDC ARL. "Being able to predict what the adversaries will likely do provides opportunities to protect and to launch countermeasures."
Mireles added, “A picture or graph in this case is really worth more than 1,000 words. Using our framework, security professionals will recognize if they’re getting beaten or doing a good job against an attacker.”
UTSA is home to the nation’s top cybersecurity program, an interdisciplinary approach that spans three colleges: the College of Business, College of Engineering and College of Sciences. Research centers and outreach programs provide UTSA students and faculty with additional opportunities to explore the various facets of this high demand and ever-changing field.
The Department of Computer Science, housed in the UTSA College of Sciences, offers bachelor’s, master’s and doctoral degree programs that support more than 1,360 undergraduate students and 68 graduate students. Its major research units include the UTSA Institute for Cyber Security, which operates the FlexCloud and FlexFarm laboratories dedicated to both basic and applied cybersecurity research, and the UTSA Center for Infrastructure Assurance and Security (CIAS), which focuses on the cybersecurity maturity of cities and communities while conducting national cyber defense competitions for high school and college students.
San Antonio is home to one of the largest concentrations of cybersecurity experts and industry leaders outside Washington, D.C., which uniquely positions the city and UTSA to lead the nation in cybersecurity research and workforce development.
Learn more about the UTSA Department of Computer Science.
Learn more about cybersecurity at UTSA.
Celebrate UTSA’s 50th Anniversary and share social media posts about the 50th using the hashtag #UTSA50.
Connect with UTSA online at Facebook, Twitter, YouTube, Instagram and LinkedIn.
UTSA Today is produced by University Communications and Marketing, the official news source of The University of Texas at San Antonio. Send your feedback to news@utsa.edu. Keep up-to-date on UTSA news by visiting UTSA Today. Connect with UTSA online at Facebook, Twitter, Youtube and Instagram.
Join the UTSA community in celebrating the life of Dr. Thelma Duffey.
Aula Canaria (BV 1.328), Buena Vista Building, Downtown CampusThe proposed annual BME Research Symposium will allow students to present their undergraduate research free of charge, providing them with the opportunity to network and build their professional skills.
H-E-B Student Union Ballroom 1 & 2, Main CampusThe UTSA Marches Committee, in partnership with the Cesar E. Chavez Legacy and Education Foundation, invites everyone to the 27th annual Cesar E. Chavez March for Justice. This event is in conjunction with the "Yes We CAN" food donation drive with the San Antonio Food Bank. Guests are encouraged to bring canned food items with them to the march to deposit cans into barrels before the march begins.
1310 Guadalupe St, San Antonio, TX 78207Join us to learn about how Impostor Syndrome can affect your career decisions and how you view yourself, your knowledge, and abilities. You will leave with actionable items related to implementing coping strategies for symptoms that may arise in your career development (mentally, physically, emotionally).
University Career Center (S.U. 2.02.04,) Main CampusJoin UTSA librarians for this introductory workshop for early career faculty on how to build your online scholarly identity.
John Peace Library, GroupSpot BJoin the conversation with Karleen Pendleton Jimenez, a professor in the Department of Gender and Social Justice at Trent University.
Virtual EventLearn to use the dynamic tool VMOCK to assist you in your job/internship search. Evaluate your resume. Get feedback on your "elevator pitch" and on how you engage in verbal communication virtually and in-person.
Multidisciplinary Studies (MS 2.02.36,) Main CampusThe University of Texas at San Antonio is dedicated to the advancement of knowledge through research and discovery, teaching and learning, community engagement and public service. As an institution of access and excellence, UTSA embraces multicultural traditions and serves as a center for intellectual and creative resources as well as a catalyst for socioeconomic development and the commercialization of intellectual property - for Texas, the nation and the world.
To be a premier public research university, providing access to educational excellence and preparing citizen leaders for the global environment.
We encourage an environment of dialogue and discovery, where integrity, excellence, inclusiveness, respect, collaboration and innovation are fostered.
UTSA is a proud Hispanic Serving Institution (HSI) as designated by the U.S. Department of Education.
The University of Texas at San Antonio, a Hispanic Serving Institution situated in a global city that has been a crossroads of peoples and cultures for centuries, values diversity and inclusion in all aspects of university life. As an institution expressly founded to advance the education of Mexican Americans and other underserved communities, our university is committed to ending generations of discrimination and inequity. UTSA, a premier public research university, fosters academic excellence through a community of dialogue, discovery and innovation that embraces the uniqueness of each voice.